All the vulnerabilities related to plataformatec - devise
cve-2019-16109
Vulnerability from cvelistv5
Published
2019-09-08 19:57
Modified
2024-08-05 01:03
Summary
An issue was discovered in Plataformatec Devise before 4.7.1. A confirmation request carrying a blank confirmation_token confirms any account whose database record has a blank value in the confirmation_token column. Devise itself never creates such records, so the condition can only arise from outside Devise (for example, user rows written or imported directly into the database); applications that populate their user table outside Devise should upgrade to 4.7.1 and audit for blank confirmation tokens.
References
▼ | URL | Tags |
---|---|---|
https://github.com/plataformatec/devise/pull/5132 | x_refsource_MISC | |
https://github.com/plataformatec/devise/issues/5071 | x_refsource_MISC | |
https://github.com/plataformatec/devise/compare/v4.7.0...v4.7.1 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T01:03:32.796Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/plataformatec/devise/pull/5132" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/plataformatec/devise/issues/5071" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/plataformatec/devise/compare/v4.7.0...v4.7.1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Plataformatec Devise before 4.7.1. It confirms accounts upon receiving a request with a blank confirmation_token, if a database record has a blank value in the confirmation_token column. (However, there is no scenario within Devise itself in which such database records would exist.)" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-09-08T19:57:27", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/plataformatec/devise/pull/5132" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/plataformatec/devise/issues/5071" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/plataformatec/devise/compare/v4.7.0...v4.7.1" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-16109", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", 
"description": { "description_data": [ { "lang": "eng", "value": "An issue was discovered in Plataformatec Devise before 4.7.1. It confirms accounts upon receiving a request with a blank confirmation_token, if a database record has a blank value in the confirmation_token column. (However, there is no scenario within Devise itself in which such database records would exist.)" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/plataformatec/devise/pull/5132", "refsource": "MISC", "url": "https://github.com/plataformatec/devise/pull/5132" }, { "name": "https://github.com/plataformatec/devise/issues/5071", "refsource": "MISC", "url": "https://github.com/plataformatec/devise/issues/5071" }, { "name": "https://github.com/plataformatec/devise/compare/v4.7.0...v4.7.1", "refsource": "MISC", "url": "https://github.com/plataformatec/devise/compare/v4.7.0...v4.7.1" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-16109", "datePublished": "2019-09-08T19:57:27", "dateReserved": "2019-09-08T00:00:00", "dateUpdated": "2024-08-05T01:03:32.796Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2013-0233
Vulnerability from cvelistv5
Published
2013-04-25 23:00
Modified
2024-09-17 02:41
Summary
Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, and 1.5.x before 1.5.4 for Ruby, when used with certain databases, does not properly perform type conversion on values used in database queries. A crafted request parameter can therefore cause a query to match a record other than the intended one and bypass security checks; the demonstrated impact is resetting the password of an arbitrary account through the password-reset flow. (Note: the vendor announcement linked below names v1.5.3 as a fixed release, while the CVE text and the NVD CPE data list 1.5.3 as affected; treat 1.5.4 as the fixed 1.5.x release.)
References
▼ | URL | Tags |
---|---|---|
http://www.metasploit.com/modules/auxiliary/admin/http/rails_devise_pass_reset | x_refsource_MISC | |
http://www.openwall.com/lists/oss-security/2013/01/29/3 | mailing-list, x_refsource_MLIST | |
http://www.phenoelit.org/blog/archives/2013/02/05/mysql_madness_and_rails/index.html | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-updates/2013-03/msg00000.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/57577 | vdb-entry, x_refsource_BID | |
http://blog.plataformatec.com.br/2013/01/security-announcement-devise-v2-2-3-v2-1-3-v2-0-5-and-v1-5-3-released/ | x_refsource_CONFIRM | |
https://github.com/Snorby/snorby/issues/261 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T14:18:09.499Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.metasploit.com/modules/auxiliary/admin/http/rails_devise_pass_reset" }, { "name": "[oss-security] 20130128 Re: CVE request for \u0027devise\u0027 ruby gem", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2013/01/29/3" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.phenoelit.org/blog/archives/2013/02/05/mysql_madness_and_rails/index.html" }, { "name": "openSUSE-SU-2013:0374", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00000.html" }, { "name": "57577", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/57577" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://blog.plataformatec.com.br/2013/01/security-announcement-devise-v2-2-3-v2-1-3-v2-0-5-and-v1-5-3-released/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Snorby/snorby/issues/261" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, and 1.5.x before 1.5.4 for Ruby, when using certain databases, does not properly perform type conversion when performing database queries, which might allow remote attackers to cause incorrect results to be returned and bypass security checks via unknown vectors, as demonstrated by resetting passwords of arbitrary accounts." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2013-04-25T23:00:00Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.metasploit.com/modules/auxiliary/admin/http/rails_devise_pass_reset" }, { "name": "[oss-security] 20130128 Re: CVE request for \u0027devise\u0027 ruby gem", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2013/01/29/3" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.phenoelit.org/blog/archives/2013/02/05/mysql_madness_and_rails/index.html" }, { "name": "openSUSE-SU-2013:0374", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00000.html" }, { "name": "57577", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/57577" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://blog.plataformatec.com.br/2013/01/security-announcement-devise-v2-2-3-v2-1-3-v2-0-5-and-v1-5-3-released/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Snorby/snorby/issues/261" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-0233", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, and 1.5.x before 1.5.4 for Ruby, when using certain databases, does not properly perform type conversion when performing database queries, which might allow remote attackers to cause incorrect results to be returned and bypass 
security checks via unknown vectors, as demonstrated by resetting passwords of arbitrary accounts." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.metasploit.com/modules/auxiliary/admin/http/rails_devise_pass_reset", "refsource": "MISC", "url": "http://www.metasploit.com/modules/auxiliary/admin/http/rails_devise_pass_reset" }, { "name": "[oss-security] 20130128 Re: CVE request for \u0027devise\u0027 ruby gem", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2013/01/29/3" }, { "name": "http://www.phenoelit.org/blog/archives/2013/02/05/mysql_madness_and_rails/index.html", "refsource": "MISC", "url": "http://www.phenoelit.org/blog/archives/2013/02/05/mysql_madness_and_rails/index.html" }, { "name": "openSUSE-SU-2013:0374", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00000.html" }, { "name": "57577", "refsource": "BID", "url": "http://www.securityfocus.com/bid/57577" }, { "name": "http://blog.plataformatec.com.br/2013/01/security-announcement-devise-v2-2-3-v2-1-3-v2-0-5-and-v1-5-3-released/", "refsource": "CONFIRM", "url": "http://blog.plataformatec.com.br/2013/01/security-announcement-devise-v2-2-3-v2-1-3-v2-0-5-and-v1-5-3-released/" }, { "name": "https://github.com/Snorby/snorby/issues/261", "refsource": "MISC", "url": "https://github.com/Snorby/snorby/issues/261" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-0233", "datePublished": "2013-04-25T23:00:00Z", "dateReserved": "2012-12-06T00:00:00Z", "dateUpdated": "2024-09-17T02:41:33.381Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-5421
Vulnerability from cvelistv5
Published
2019-04-03 14:21
Modified
2024-08-04 19:54
Summary
Plataformatec Devise 4.5.0 and earlier, when the lockable module is used, contains a time-of-check/time-of-use race condition (CWE-367) in the `Devise::Models::Lockable#increment_failed_attempts` method (lib/devise/models/lockable.rb). Multiple concurrent failed-login requests can race in the failed-attempts bookkeeping so that the account is never locked, which prevents an attacker from being blocked during a network brute-force attack. Fixed in 4.6.0 and later.
References
▼ | URL | Tags |
---|---|---|
https://github.com/plataformatec/devise/issues/4981 | x_refsource_MISC | |
https://github.com/plataformatec/devise/pull/4996 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Plataformatec | Devise ruby gem |
Version: 4.5.0 and earlier using the lockable module |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T19:54:53.557Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/plataformatec/devise/issues/4981" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/plataformatec/devise/pull/4996" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Devise ruby gem", "vendor": "Plataformatec", "versions": [ { "status": "affected", "version": "4.5.0 and earlier using the lockable module" } ] } ], "datePublic": "2018-11-27T00:00:00", "descriptions": [ { "lang": "en", "value": "Plataformatec Devise version 4.5.0 and earlier, using the lockable module contains a CWE-367 vulnerability in The `Devise::Models::Lockable` class, more specifically at the `#increment_failed_attempts` method. File location: lib/devise/models/lockable.rb that can result in Multiple concurrent requests can prevent an attacker from being blocked on brute force attacks. This attack appear to be exploitable via Network connectivity - brute force attacks. This vulnerability appears to have been fixed in 4.6.0 and later." 
} ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-367", "description": "Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-04-03T14:21:37", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/plataformatec/devise/issues/4981" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/plataformatec/devise/pull/4996" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "support@hackerone.com", "ID": "CVE-2019-5421", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Devise ruby gem", "version": { "version_data": [ { "version_value": "4.5.0 and earlier using the lockable module" } ] } } ] }, "vendor_name": "Plataformatec" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Plataformatec Devise version 4.5.0 and earlier, using the lockable module contains a CWE-367 vulnerability in The `Devise::Models::Lockable` class, more specifically at the `#increment_failed_attempts` method. File location: lib/devise/models/lockable.rb that can result in Multiple concurrent requests can prevent an attacker from being blocked on brute force attacks. This attack appear to be exploitable via Network connectivity - brute force attacks. This vulnerability appears to have been fixed in 4.6.0 and later." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367)" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/plataformatec/devise/issues/4981", "refsource": "MISC", "url": "https://github.com/plataformatec/devise/issues/4981" }, { "name": "https://github.com/plataformatec/devise/pull/4996", "refsource": "MISC", "url": "https://github.com/plataformatec/devise/pull/4996" } ] } } } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2019-5421", "datePublished": "2019-04-03T14:21:37", "dateReserved": "2019-01-04T00:00:00", "dateUpdated": "2024-08-04T19:54:53.557Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Vulnerability from fkie_nvd
Published
2013-04-25 23:55
Modified
2024-11-21 01:47
Summary
Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, and 1.5.x before 1.5.4 for Ruby, when used with certain databases, does not properly perform type conversion on values used in database queries. A crafted request parameter can therefore cause a query to match a record other than the intended one and bypass security checks; the demonstrated impact is resetting the password of an arbitrary account through the password-reset flow.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
plataformatec | devise | 1.5.0 | |
plataformatec | devise | 1.5.1 | |
plataformatec | devise | 1.5.2 | |
plataformatec | devise | 1.5.3 | |
plataformatec | devise | 2.0.0 | |
plataformatec | devise | 2.0.1 | |
plataformatec | devise | 2.0.2 | |
plataformatec | devise | 2.0.3 | |
plataformatec | devise | 2.0.4 | |
plataformatec | devise | 2.1.0 | |
plataformatec | devise | 2.1.1 | |
plataformatec | devise | 2.1.2 | |
plataformatec | devise | 2.2.0 | |
plataformatec | devise | 2.2.1 | |
plataformatec | devise | 2.2.2 | |
ruby-lang | ruby | * | |
opensuse | opensuse | 12.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:plataformatec:devise:1.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "A4F9C7C7-7723-43D4-91F6-6186D9C9BB10", "vulnerable": true }, { "criteria": "cpe:2.3:a:plataformatec:devise:1.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "70B06452-931F-4975-84A3-36C1364C9C11", "vulnerable": true }, { "criteria": "cpe:2.3:a:plataformatec:devise:1.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "C259DDDF-BC40-46F5-BFFA-0FF2C93E62B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:plataformatec:devise:1.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "6B7320C8-E9CB-4954-AE38-2EB81C1BE4E4", "vulnerable": true }, { "criteria": "cpe:2.3:a:plataformatec:devise:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "5682C78A-1FC7-41F8-873E-C61EC8CEA475", "vulnerable": true }, { "criteria": "cpe:2.3:a:plataformatec:devise:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5B10284E-9813-4941-9D46-A2E6A7E4B3D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:plataformatec:devise:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "43680C09-6447-4567-9693-09EABE846CDF", "vulnerable": true }, { "criteria": "cpe:2.3:a:plataformatec:devise:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "C3096DCF-E91B-4D83-BD15-28D42C12F3B9", "vulnerable": true }, { "criteria": "cpe:2.3:a:plataformatec:devise:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "E5C542B5-B5DE-462F-82F8-854837DA1B1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:plataformatec:devise:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3CD02E50-A2C8-43CC-A839-E5CA4A208EC2", "vulnerable": true }, { "criteria": "cpe:2.3:a:plataformatec:devise:2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "49F151AD-49A1-4B6C-BD13-EAC3C9329D56", "vulnerable": true }, { "criteria": "cpe:2.3:a:plataformatec:devise:2.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "9785762C-15CA-4511-AE99-63063E1C4D91", "vulnerable": true }, { "criteria": "cpe:2.3:a:plataformatec:devise:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A3646CD4-0C1D-43F7-9259-A6F6D6F8FE4C", "vulnerable": true }, { 
"criteria": "cpe:2.3:a:plataformatec:devise:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "DB24CBA3-26EA-4B6C-9EBF-018A8004BFE5", "vulnerable": true }, { "criteria": "cpe:2.3:a:plataformatec:devise:2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "5FB39D4E-850B-4D13-9B2B-F8DBE707F5E7", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "matchCriteriaId": "264DD094-A8CD-465D-B279-C834DDA5F79C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "matchCriteriaId": "D806A17E-B8F9-466D-807D-3F1E77603DC8", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, and 1.5.x before 1.5.4 for Ruby, when using certain databases, does not properly perform type conversion when performing database queries, which might allow remote attackers to cause incorrect results to be returned and bypass security checks via unknown vectors, as demonstrated by resetting passwords of arbitrary accounts." }, { "lang": "es", "value": "Devise v2.2.x antes de v2.2.3, v2.1.x antes de v2.1.3, v2.0.x antes de v2.0.5, v1.5.x antes de v1.5.4 de Ruby, al utilizar ciertas bases de datos, no funciona correctamente cuando se realiza la conversi\u00f3n de tipos consultas de base de datos, lo que podr\u00eda permitir a atacantes remotos provocar resultados incorrectos para ser devueltos y eludir los controles de seguridad a trav\u00e9s de vectores desconocidos, como lo demuestra restablecer las contrase\u00f1as de las cuentas arbitrarias." 
} ], "evaluatorImpact": "Per http://lists.opensuse.org/opensuse-updates/2013-03/msg00000.html\r\n\"Affected Products:\r\nopenSUSE 12.2\"", "id": "CVE-2013-0233", "lastModified": "2024-11-21T01:47:07.267", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2013-04-25T23:55:01.460", "references": [ { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://blog.plataformatec.com.br/2013/01/security-announcement-devise-v2-2-3-v2-1-3-v2-0-5-and-v1-5-3-released/" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00000.html" }, { "source": "secalert@redhat.com", "tags": [ "Exploit" ], "url": "http://www.metasploit.com/modules/auxiliary/admin/http/rails_devise_pass_reset" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2013/01/29/3" }, { "source": "secalert@redhat.com", "tags": [ "Exploit" ], "url": "http://www.phenoelit.org/blog/archives/2013/02/05/mysql_madness_and_rails/index.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/57577" }, { "source": "secalert@redhat.com", "url": "https://github.com/Snorby/snorby/issues/261" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://blog.plataformatec.com.br/2013/01/security-announcement-devise-v2-2-3-v2-1-3-v2-0-5-and-v1-5-3-released/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://lists.opensuse.org/opensuse-updates/2013-03/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://www.metasploit.com/modules/auxiliary/admin/http/rails_devise_pass_reset" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2013/01/29/3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://www.phenoelit.org/blog/archives/2013/02/05/mysql_madness_and_rails/index.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/57577" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/Snorby/snorby/issues/261" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-09-08 20:15
Modified
2024-11-21 04:30
Summary
An issue was discovered in Plataformatec Devise before 4.7.1. A confirmation request carrying a blank confirmation_token confirms any account whose database record has a blank value in the confirmation_token column. Devise itself never creates such records, so the condition can only arise from outside Devise (for example, user rows written or imported directly into the database); applications that populate their user table outside Devise should upgrade to 4.7.1 and audit for blank confirmation tokens.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/plataformatec/devise/compare/v4.7.0...v4.7.1 | Third Party Advisory | |
cve@mitre.org | https://github.com/plataformatec/devise/issues/5071 | Third Party Advisory | |
cve@mitre.org | https://github.com/plataformatec/devise/pull/5132 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/plataformatec/devise/compare/v4.7.0...v4.7.1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/plataformatec/devise/issues/5071 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/plataformatec/devise/pull/5132 | Patch, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
plataformatec | devise | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:plataformatec:devise:*:*:*:*:*:*:*:*", "matchCriteriaId": "99BB624A-FEAB-43EC-99A3-02DEBA5FB517", "versionEndExcluding": "4.7.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Plataformatec Devise before 4.7.1. It confirms accounts upon receiving a request with a blank confirmation_token, if a database record has a blank value in the confirmation_token column. (However, there is no scenario within Devise itself in which such database records would exist.)" }, { "lang": "es", "value": "Se detect\u00f3 un problema en Plataformatec Devise en versiones anteriores a la 4.7.1. Confirma las cuentas al recibir una solicitud con confirmation_token en blanco, si un registro de base de datos tiene un valor en blanco en la columna confirmation_token. (Sin embargo, no existe ning\u00fan escenario dentro de Devise en el que existan dichos registros de la base de datos)." 
} ], "id": "CVE-2019-16109", "lastModified": "2024-11-21T04:30:03.900", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-09-08T20:15:10.487", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://github.com/plataformatec/devise/compare/v4.7.0...v4.7.1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://github.com/plataformatec/devise/issues/5071" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/plataformatec/devise/pull/5132" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/plataformatec/devise/compare/v4.7.0...v4.7.1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/plataformatec/devise/issues/5071" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party 
Advisory" ], "url": "https://github.com/plataformatec/devise/pull/5132" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-04-03 15:29
Modified
2024-11-21 04:44
Summary
Plataformatec Devise 4.5.0 and earlier, when the lockable module is used, contains a time-of-check/time-of-use race condition (CWE-367) in the `Devise::Models::Lockable#increment_failed_attempts` method (lib/devise/models/lockable.rb). Multiple concurrent failed-login requests can race in the failed-attempts bookkeeping so that the account is never locked, which prevents an attacker from being blocked during a network brute-force attack. Fixed in 4.6.0 and later.
References
▼ | URL | Tags | |
---|---|---|---|
support@hackerone.com | https://github.com/plataformatec/devise/issues/4981 | Exploit, Issue Tracking, Third Party Advisory | |
support@hackerone.com | https://github.com/plataformatec/devise/pull/4996 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/plataformatec/devise/issues/4981 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/plataformatec/devise/pull/4996 | Patch, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
plataformatec | devise | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:plataformatec:devise:*:*:*:*:*:*:*:*", "matchCriteriaId": "F07D86F3-1A2C-4562-830E-F88779AF55B7", "versionEndIncluding": "4.5.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Plataformatec Devise version 4.5.0 and earlier, using the lockable module contains a CWE-367 vulnerability in The `Devise::Models::Lockable` class, more specifically at the `#increment_failed_attempts` method. File location: lib/devise/models/lockable.rb that can result in Multiple concurrent requests can prevent an attacker from being blocked on brute force attacks. This attack appear to be exploitable via Network connectivity - brute force attacks. This vulnerability appears to have been fixed in 4.6.0 and later." }, { "lang": "es", "value": "Mediante la utilizaci\u00f3n del m\u00f3dulo bloqueable, Plataformatec Devise, en versiones 4.5.0 y anteriores, contiene una vulnerabilidad CWE-367 en la clase \"Devise::Models::Lockable\", m\u00e1s espec\u00edficamente en el m\u00e9todo \"#increment_failed_attempts\". La ubicaci\u00f3n del archivo lib/devise/models/lockable.rb, que puede resultar en peticiones m\u00faltiples concurrentes, puede impedir que un atacante sea bloqueado durante ataques de fuerza bruta. Este ataque parece ser explotable mediante la conectividad de red y ataques de fuerza bruta. Esta vulnerabilidad parece haber sido solucionada en versiones 4.6.0 y posteriores." 
} ], "id": "CVE-2019-5421", "lastModified": "2024-11-21T04:44:54.277", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-04-03T15:29:01.663", "references": [ { "source": "support@hackerone.com", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/plataformatec/devise/issues/4981" }, { "source": "support@hackerone.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/plataformatec/devise/pull/4996" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/plataformatec/devise/issues/4981" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/plataformatec/devise/pull/4996" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-367" } ], "source": 
"support@hackerone.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-307" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }